Class: Aikido::Zen::Middleware::AttackWaveProtector

Inherits:

Object

Object
Aikido::Zen::Middleware::AttackWaveProtector

show all

Defined in:: lib/aikido/zen/middleware/attack_wave_protector.rb

Instance Method Summary collapse

#attack_wave?(context) ⇒ Boolean private

Visible for testing.
#call(env) ⇒ Object
#initialize(app, zen: Aikido::Zen, settings: Aikido::Zen.runtime_settings) ⇒ AttackWaveProtector constructor

A new instance of AttackWaveProtector.
#protect(context) ⇒ Object private

Visible for testing.

Constructor Details

#initialize(app, zen: Aikido::Zen, settings: Aikido::Zen.runtime_settings) ⇒ `AttackWaveProtector`

Returns a new instance of AttackWaveProtector.

# File 'lib/aikido/zen/middleware/attack_wave_protector.rb', line 7

def initialize(app, zen: Aikido::Zen, settings: Aikido::Zen.runtime_settings)
  @app = app
  @zen = zen
  @settings = settings
end

Instance Method Details

#attack_wave?(context) ⇒ `Boolean`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Visible for testing.

Returns:

(Boolean)

# File 'lib/aikido/zen/middleware/attack_wave_protector.rb', line 24

def attack_wave?(context)
  request = context.request
  return false if request.nil?

  return false if @settings.bypassed_ips.include?(request.client_ip)

  @zen.attack_wave_detector.attack_wave?(context)
end

#call(env) ⇒ `Object`

# File 'lib/aikido/zen/middleware/attack_wave_protector.rb', line 13

def call(env)
  response = @app.call(env)

  context = @zen.current_context
  protect(context)

  response
end

#protect(context) ⇒ `Object`